For the used SSL certificate to be valid, we need to use the externally visible hostname when accessing the homematic GUI. Thus, we need to configure this external hostname as the server's hostname, even if the server is only available on our internal network.
Be careful when exposing your actual homematic instance to the outside world without further safe-guards. Usually, it should only be accessible on the internal network.
Go to Einstellungen -> Systemsteuerung -> Netzwerkeinstellungen. There, you can create a self-signed certificate. Enter the hostname, your email address, and your country. The latter two values are ratehr unimportant here.
We need this certificate so that the webserevr is cionfigured correctly and we have a template file which we can later overwrite with our actual SSL certificate from Let's Encrypt.